Stephen Withers reports:
Regulations such as the General Data Protection Regulation (GDPR) and the Australian Prudential Regulation Authority’s (Apra’s) CPS 230 standard have led organisations to become “really obsessed” with the 72-hour notification window following a data breach, according to Shannon Murphy, global security and risk strategist at Trend Micro.
However, this focus means many are still making common and costly mistakes when dealing with incidents.
Murphy said the lack of a formal incident response plan increases the stress on those handling such events, and consequently, “people are burning out”. This high-pressure environment can lead to two other critical risks.
The first is evidence being damaged, destroyed or otherwise invalidated by panicked attempts to restore services as quickly as possible. The second is the human tendency to start a blame game, which can also lead to evidence being deliberately concealed or destroyed.
Read more at Computer Weekly.
OK, but “can lead to” isn’t the same has “had led to.” Is there any actual evidence that these things are occurring as a result of the 72-hour notification requirement? There doesn’t seem to be any in this article or any link to evidence that this is happening more often because of the 72-hour window.